DEBIAN-CVE-2023-53491

In the Linux kernel, the following vulnerability has been resolved: startkernel: Add nostackprotector function attribute Back during the discussion of commit a9a3ed1eff36 "x86: Fix early boot crash on gcc-10, third try" we discussed the need for a function attribute to control the omission of sta...

DEBIAN-CVE-2023-53492

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not ignore genmask when looking up chain by id When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...

DEBIAN-CVE-2023-53487

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtasflash: allow user copy to flash block cache objects With hardened usercopy enabled CONFIGHARDENEDUSERCOPY=y, using the /proc/powerpc/rtas/firmwareupdate interface to prepare a system firmware update yields a BUG: kern...

DEBIAN-CVE-2023-53484

In the Linux kernel, the following vulnerability has been resolved: lib: cpurmap: Avoid use after free on rmap-obj array entries When calling irqsetaffinitynotifier with NULL at the notify argument, it will cause freeing of the glue pointer in the corresponding array entry but will leave the...

DEBIAN-CVE-2023-53479

In the Linux kernel, the following vulnerability has been resolved: cxl/acpi: Fix a use-after-free in cxlparsecfmws KASAN and KFENCE detected an user-after-free in the CXL driver. This happens in the cxldecoderadd fail path. KASAN prints the following error: BUG: KASAN: slab-use-after-free in...

DEBIAN-CVE-2023-53473

In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4dirhash The ext4dirhash will almost never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, casefolded file names, that...

DEBIAN-CVE-2023-53472

In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm-hwpwm value is always 0. O...

DEBIAN-CVE-2023-53467

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential leak in rtw89appendprobereqie Do kfreeskbnew before goto out to prevent potential leak...

DEBIAN-CVE-2023-53464

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling...

DEBIAN-CVE-2023-53460

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix memory leak in rtwusbprobe drivers/net/wireless/realtek/rtw88/usb.c:876 rtwusbprobe warn: 'hw' from ieee80211allochw not released on lines: 811 Fix this by modifying return to a goto statement...

DEBIAN-CVE-2023-53457

In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Fix null-ptr-deref Read in txBegin Syzkaller reported an issue where txBegin may be called on a superblock in a read-only mounted filesystem which leads to NULL pointer deref. This could be solved by checking if the...

DEBIAN-CVE-2023-53455

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: drop all currently held locks if deadlock happens If vc4hdmiresetlink returns -EDEADLK, it means that a deadlock happened in the locking context. This situation should be addressed by dropping all currently held locks an...

DEBIAN-CVE-2023-53450

In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUGON in ext4mbreleasegrouppa If a malicious fuzzer overwrites the ext4 superblock while it is mounted such that the sfirstdatablock is set to a very large number, the calculation of the block group can underflow,...

DEBIAN-CVE-2022-50469

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential memory leak in rtwinitdrvsw In rtwinitdrvsw, there are various init functions are called to populate the padapter structure and some checks for their return value. However, except for the first o...

DEBIAN-CVE-2022-50467

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFTID An error case exit from lpfccmplctcmdgftid results in a call to lpfcnlpput with a null pointer to a nodelist structure. Changed lpfccmplctcmdgftid to...

DEBIAN-CVE-2022-50466

In the Linux kernel, the following vulnerability has been resolved: fs/binfmtelf: Fix memory leak in loadelfbinary There is a memory leak reported by kmemleak: unreferenced object 0xffff88817104ef80 size 224: comm "xfsadmin", pid 47165, jiffies 4298708825 age 1333.476s hex dump first 32 bytes: 00...

DEBIAN-CVE-2022-50462

In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fix possible memory leak while module exiting Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, it need be freed when module exiting,...

DEBIAN-CVE-2022-50463

In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource leak in an error handling path The error handling path of mpc52xxlpbfifoprobe has a requestirq that is not balanced by a corresponding freeirq. Add the missing call, as already done in the remove...

DEBIAN-CVE-2022-50453

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO character device's...

DEBIAN-CVE-2022-50456

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical address in the non-inline region...